{"id":1629,"date":"2014-12-04T10:08:07","date_gmt":"2014-12-04T09:08:07","guid":{"rendered":"http:\/\/www.zarrelli.org\/blog\/?p=1629"},"modified":"2014-12-04T10:08:07","modified_gmt":"2014-12-04T09:08:07","slug":"easy-routing-workaround-linux-fortinet-ssl-client","status":"publish","type":"post","link":"https:\/\/www.zarrelli.org\/blog\/easy-routing-workaround-linux-fortinet-ssl-client\/","title":{"rendered":"Easy routing workaround for Linux Fortinet SSL client"},"content":{"rendered":"

So you have your Fortinet Linux SSL VPN client, you setup your credential, fire up the connection, it connects, then you\u00a0do not have access to any of your machines on your private vpn.<\/p>\n

\"Schermata<\/a><\/p>\n

\n

Nasty.<\/p>\n

You can see sent and received byte numbers flipping on the forticlient window, but you go nowhere.<\/p>\n

Errrr!!! Routing problems.<\/p>\n

Go either in your 64bit or 32bit client directory and edit<\/p>\n

sysconfig.linux.sh<\/pre>\n
\n
Look for the following line:<\/p>\n
addr=`ip addr show $ifn | grep \"inet\" | tr '\/' ' ' | awk '{ print $2 }'`<\/pre>\n
\n
and change it to:<\/p>\n
addr=`ip addr show $ifn | grep -m 1 \"inet\" | tr '\/' ' ' | awk '{ print $2 }'`<\/pre>\n
\n
That’s it. It’s a simple matching problem.<\/p>\n
As you can see in :<\/p>\n
forticlientsslvpn.log<\/pre>\n
It fails to grep the IP address for the ppp0 interface and so, it fails to create a new route towards your private network.<\/p>\n
Easy and nasty.<\/p>\n","protected":false},"excerpt":{"rendered":"
So you have your Fortinet Linux SSL VPN client, you setup your credential, fire up the connection, it connects, then you\u00a0do not have access to any of your machines on your private vpn. Nasty. You can see sent and received byte numbers flipping on the forticlient window, but you go nowhere. Errrr!!! Routing problems. Go …<\/p>\n","protected":false},"author":5,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16,31,36],"tags":[452,451,139,453,225],"class_list":["post-1629","post","type-post","status-publish","format-standard","hentry","category-debian","category-gnulinux","category-internet","tag-forticlient","tag-fortinet","tag-linux","tag-routing","tag-vpn","without-featured-image"],"_links":{"self":[{"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/posts\/1629","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/users\/5"}],"replies":[{"embeddable":true,"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/comments?post=1629"}],"version-history":[{"count":0,"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/posts\/1629\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/media?parent=1629"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/categories?post=1629"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.zarrelli.org\/blog\/wp-json\/wp\/v2\/tags?post=1629"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}